[Cryptography] [FORGED] Re: Hope Apple Fights This!
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Wed Feb 17 23:28:06 EST 2016
Kevin W. Wall <kevin.w.wall at gmail.com> writes:
>If this were just about getting access to THIS PARTICULAR phone, does anyone
>believe that the NSA TAO couldn't do it, even if it meant surreptitiously
>stealing Apple's current source code and signing key(s).

You don't even need to do that, just use a glitch attack a la smart card
hackers 20+ years ago. Unless the checking code is something like:

  result = constant-time-memcmp( entered-PIN, stored-PIN );
  decrement counter;
  if result = FALSE goto retry;
  increment counter;

which it probably won't be, it'll be more like:

  if( !memcmp( entered-PIN, stored-PIN ) )
    decrement counter;
    goto retry;

then all you need to do is reset the CPU before the counter is decremented, or
just walk down the memcmp() with a timing attack. It helps if you can
underclock the CPU, which seems to be do-able on most CPUs in devices like
this.

Peter.
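
The two orderings contrasted in the message above, as an added example that is not part of the original post: a small C model that resets the "CPU" after every possible step and reports whether a wrong guess can ever be recognised as wrong without costing a try. The struct, function names, step numbering and PIN values are hypothetical and constructed for illustration; memcmp() timing is not modelled, only the ordering.

```c
#include <string.h>
#define PIN_LEN   4
#define MAX_TRIES 10

/* Constructed model. counter: persistent retry counter. observed: a result-
   dependent action has run. cut: steps completed before the CPU is reset. */
struct dev { int counter, observed, unlocked; };
typedef void (*verify_fn)(struct dev *d, const unsigned char *in, int cut);
static const unsigned char PIN[PIN_LEN] = {1, 2, 3, 4}, BAD[PIN_LEN] = {1, 2, 3, 5};

/* Touches every byte, so run time does not depend on where a mismatch is. */
static int ct_equal(const unsigned char *a, const unsigned char *b) {
    unsigned char diff = 0;
    for (int i = 0; i < PIN_LEN; i++) diff |= (unsigned char)(a[i] ^ b[i]);
    return diff == 0;
}

/* First ordering in the message: the try is charged before any branch. */
static void charge_first(struct dev *d, const unsigned char *in, int cut) {
    int ok = 0;
    if (cut >= 1) ok = ct_equal(in, PIN);   /* compare, result not acted on */
    if (cut >= 2) d->counter--;             /* charge the try */
    if (cut >= 3) d->observed = 1;          /* branch on the result */
    if (cut >= 4 && ok) { d->counter++; d->unlocked = 1; }  /* refund */
}

/* Second ordering: branch on the comparison first, charge afterwards. */
static void branch_first(struct dev *d, const unsigned char *in, int cut) {
    int ok = 0;
    if (cut >= 1) { ok = memcmp(in, PIN, PIN_LEN) == 0; d->observed = 1; d->unlocked = ok; }
    if (cut >= 2 && !ok) d->counter--;
}

static struct dev run(verify_fn f, const unsigned char *in, int cut) {
    struct dev d = { MAX_TRIES, 0, 0 };     /* fresh counter for each attempt */
    f(&d, in, cut);
    return d;
}

/* 1 if some reset point shows a guess was wrong without costing a try. */
static int free_guess_possible(verify_fn f) {
    for (int cut = 0; cut <= 4; cut++) {
        struct dev d = run(f, BAD, cut);
        if (d.observed && d.counter == MAX_TRIES) return 1;
    }
    return 0;
}

int main(void) {  /* exit status 0 when only branch_first allows a free guess */
    return !(free_guess_possible(branch_first) && !free_guess_possible(charge_first));
}
```

In this model a reset during charge_first can still cost a legitimate user a try (the refund is the last step), which is the price of never exposing the result before the counter has been written.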